Caller ID Verification VSC

Background

Caller ID spoofing is incredibly easy today and incredibly common. For that reason, it's generally an untrustworthy source of metadata. Although caller ID was invented by the Bell System as a convenience, many people today rely on this untrustworthy info, making it easy for them to fall victims to scams or identity fraud.

We propose a new vertical service code that would allow for selective verification of incoming calls and would work with minimal overhead and not impose any compatibility issues. The only requirement is that both parties pay for call waiting and caller ID.

How It Would Work

Caller receives incoming call. If he waits at least one ring to answer it, he also receives caller ID from the phone company.

Caller answers incoming call. The two parties converse. For some reason, the called party wants to verify that the caller is who he says he is.

The called party flashes to a second dial tone and keys in the vertical service code (*XX or 11XX). An acknowledgement tone is played, and the telephone switch establishes a second connection to the last incoming number to the called party. Presumably, this will ring the calling party with a second call.

The caller party is notified of a second call by the call waiting tone and flashes to accept it. He is instructed to enter the telephone number he just called (this would require DTMF, but a speech-to-text component would include pulse users as well). If the number received by the switch matches the number that he apparently just called, the call is verified as "authentic" - it actually originated from that number.

As you might expect, this only works if calling the calling party back again would ring the same physical pair on which the first call originated. While this used to be very common, and will still be the case for practically all residence and small business lines, it may not necessarily hold for larger businesses or call centers.

With this scheme, we do not expect the possibility for false positives. Since POTS-to-POTS end-to-end connections are not as common today, however, there could certainly be a large number of false negatives, since this would only work between two POTS switches. In other words, this is a secure-by-default (unverified until verified) scheme, where if a caller is reported as "authentic", there is no chance of that being untrue (but the reverse is not necessarily true).

What This Vertical Service Code Is and Isn't

The proposed VSC would allow callers to verify that an incoming call is really from the ANI (caller ID) from which it claims to be.

It would not prevent telemarketing calls, spam calls, or any calls, for that matter. The idea is to allow selective verification on calls where confirming the caller's authenticity may be important.

Scope

This vertical service code could conceivably be implemented on central office switches serving POTS phones. This means it would work for traditional analog pair customers, including business customers who use traditional hunt group arrangements for their PBX without direct-outward-dialing, and it would not work for PRI, VoIP, or mobile/wireless users.

In other words, it is a requirement to have a POTS line on both ends which subscribes to both caller ID and call waiting.